Updated FAQ (markdown)

El RIDO 2016-08-25 08:53:30 +02:00
parent 7dec8aaba6
commit 6f7c64e80a

58
FAQ.md

@ -4,83 +4,84 @@ Please have a look at these questions *before* opening an issue in this repo.
### Why have you changed your name? ### Why have you changed your name?
PrivateBin started as a fork of [ZeroBin](https://github.com/sebsauvage/ZeroBin). As PrivateBin got developed independently of ZeroBin and many new features were added, the design was improved and many security vulnerabilities were fixed, so we thought it was time for a change, which displays the development efforts, which were used to improve PrivateBin. PrivateBin started as a fork of [ZeroBin](https://github.com/sebsauvage/ZeroBin). The fork continued development after ZeroBin stopped being updated. Many new features were added, the general code structure improved and many security vulnerabilities fixed. Therefore it seemed appropriate to change the forks name, to reflect the huge development efforts which lead to the improved PrivateBin.
### Why is it named "PrivateBin"? ### Why is it named "PrivateBin"?
We have [asked the ZeroBin community](https://github.com/elrido/ZeroBin/issues/79) when we decided to switch to a new name and chose [the most popular name](https://github.com/elrido/ZeroBin/issues/79#issuecomment-242116386). We [asked the ZeroBin community](https://github.com/elrido/ZeroBin/issues/79) when we decided to switch to a new name and chose [the most popular name](https://github.com/elrido/ZeroBin/issues/79#issuecomment-242116386).
### If I use PrivateBin and post the link in a forum/in social media/... is my content secure? ### If I use PrivateBin and post the link in a forum, in social media, etc. is my content secure?
As long as you set no password, **everyone who has the link can see the content of a PrivateBin**! As long as you set no password, **everyone who has the link can decrypt the content of a PrivateBin**!
The only way to prevent this is to set a long, secure password when uploading. You can find many tips to create secure password online, one of the most famous ones is shown in [this xkcd comic](https://www.xkcd.com/936/) ([explanation](https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength)). The only way to prevent this is to set a long, secure password when posting. You can find many tips to create secure password online, one of the most famous ones is shown in [this xkcd comic](https://www.xkcd.com/936/) ([explanation](https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength)).
### Which PrivateBin server should I use? ### Which PrivateBin server should I use?
Generally it is recommend to host your own instance of PrivateBin. You can do this with cheap equipment directly at home if you do not fear setting up a server. Generally it is recommend to host your own instance of PrivateBin. You can do this with cheap equipment directly at home, if you do not fear setting up a server.
If you cannot do this, you need to find a server, who you trust. On the one hand this means you have to trust the server operator. For this a relative or friend may help you or even set up an instance. You may also trust certain organisations or the developers of PrivateBin, who host their [own public instance](https://privatebin.net/).
So on the other hand you should check the technical measures the server administrator used, so you can trust the server. Here is a small checklist with recommendations: If you cannot do this, you need to find a server that you trust. On the one hand this means you have to trust the server operator. For this a relative or friend may help you or even set up an instance.
* Check that the server uses HTTPS. On https://privatebin.net/ you can e.g. see that it does, because the address starts with `https:`. If you decide to use one of the sites listed in the [public directory](https://github.com/PrivateBin/PrivateBin/wiki/PrivateBin-Directory) you should check the technical measures the server administrator used, to decide if you can trust the server. Here is a small checklist:
* Enter the web address into https://www.ssllabs.com/ssltest/ and let it check the server. It actually checks the HTTPS configuration.
We recommend that servers have at least an **A rating**. If they have less, you might look for a better server. If they have A+ you are on a good site! * Check if the server uses HTTPS in the address bar of your browser. On `https://privatebin.net/` you can see that it does, because the address starts with `https:`.
* Enter the web address into https://www.ssllabs.com/ssltest/ and let it check the server. The site checks the HTTPS configuration. We recommend that servers have at least an **A rating**. If they have less, you might look for a better server. If they have A+ you are on a good site!
* Enter the web address into https://securityheaders.io/. Here we also recommend an **A rating** or better. * Enter the web address into https://securityheaders.io/. Here we also recommend an **A rating** or better.
If a requirement is not fulfilled, you may contact the server administrator and ask them to improve it. Of course you can also suggest them improvements if they do not have the best ratings available, because they are reachable by any webserver admin, but they may decline to change their configuration in this way. If a requirement is not fulfilled but you still want to use that server, you may contact the server administrator and ask them to improve it.
### The URL is so long. Can't I just use a URL shortener? ### The URL is so long. Can't I just use a URL shortener?
Of course you can, nobody can prohibit you from doing so. However we generally **do not recommend it**. As said in the previous question everybody who has the URL can view the PrivateBin. This includes URL shorteners, so when you submit Of course you can, nobody can prohibit you from doing so. However we generally **do not recommend it**. As said in the previous question everybody who has the URL can view the PrivateBin. This includes URL shorteners, so when you submit your URL including the key, it can be retrieved from the shorteners access logs.
If you really want to use an URL shortener we recommend you to use a self-hosted one. If this is not possible, you may check if the URL shortener: If you use a URL shortener, we recommend that you set a password and/or you use a self-hosted one. If this is not possible, you may check if the URL shortener:
* offers HTTPS on the page where you enter the PrivateBin URL * offers HTTPS on the page where you enter the PrivateBin URL
* the generated short URL is a HTTPS URL * the generated short URL is a HTTPS-URL
* does not publish the shortened URLs somewhere * does not publish the shortened URLs somewhere
If these requirements are fulfilled, you may want to use it. If you additionally selected to destroy the PrivateBin on the first visit or you encrypted your paste with a strong password (see previous question), you can now be fairly sure, nobody read your messages. If these requirements are fulfilled, you may consider to use it. If you additionally selected to destroy the PrivateBin on the first visit (burn after reading) or you did set a strong password on your paste (see previous question), you can be fairly sure that nobody intercepts your message.
For server admins we actually [provide a way](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#urlshortener) to integrate an URL shortener into PrivateBin. Of course the same arguments apply here as well. For server admins we do actually [provide a way](https://github.com/PrivateBin/PrivateBin/wiki/Configuration#urlshortener) to integrate an URL shortener into PrivateBin. It is strongly suggested to set up that shortener alongside on the same server instance or with the same security considerations as the PrivateBin instance itself.
### Why should I use PrivateBin? ### Why should I use PrivateBin?
#### As a user... #### As a user...
* you can keep secrets such as passwords out of chats and share them with others * you can keep secrets such as passwords out of chats and share them with others
* you can choose a trusted provider (maybe a friend or even yourself when self hosting the service) * you can choose a trusted provider (maybe a friend or even yourself when self hosting the service)
* you can upload files* * you can share files*
* and select the storage time* * and set a limited life time*
* you can discuss topics with other people * you can discuss topics with other people
\* Only available if the server admin has enabled this feature. \* Only available if the server admin has enabled this feature.
#### As a server admin... #### As a server admin...
* you are protected against legal orders forcing you to scan the content you receive from your users (which is not possible * you are protected against legal orders forcing you to scan the content you receive from your users (which is not possible with PrivateBin, as you don't have the pastes keys)
* you provide a service for [those who need it](https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html) * you provide a service for [those who need it](https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html)
* you can customize theme and the code of PrivateBin, everything is open-source * you can customize the template and code of PrivateBin, everything is open-source
### Should I switch from ZeroBin to PrivateBin? ### Should I switch from ZeroBin to PrivateBin?
In short: Yes. In short: Yes.
The longer answer is: ZeroBin is outdated and not maintained anymore. As you may know, using software, which is not maintained anymore is generally a bad idea as it gets no security fixes. In this case you can have a look at all [closed security issues](https://github.com/PrivateBin/PrivateBin/issues?q=is%3Aissue+label%3Asecurity+is%3Aclosed) and you'll see that these are a lot. Among others we handled all issues [discovered by an security audit](https://github.com/PrivateBin/PrivateBin/issues/20) from 2014 and we enhanced the security further by implementing many new security features. The longer answer is: ZeroBin is not maintained anymore. Using software which is not maintained anymore is generally a bad idea, as it gets no security fixes. In this case you can have a look at the [closed security issues](https://github.com/PrivateBin/PrivateBin/issues?q=is%3Aissue+label%3Asecurity+is%3Aclosed) and you'll see that there were quite a few. Among others we handled all issues [discovered by an security audit](https://github.com/PrivateBin/PrivateBin/issues/20) from 2014 and we enhanced the security further by implementing additional security features.
You may also look at the release notes of PrivateBin to see what else changed. You can also look at the release notes of PrivateBin to see what else changed.
### But JavaScript encryption is not secure! ### But JavaScript encryption is not secure!
At first, this is not a question. Secondly we acknowledge that and are well aware that JavaScript cannot provide the same level of security as other methods do. That is why we explicitly mention this issue [in our Readme](https://github.com/PrivateBin/PrivateBin#what-it-doesnt-provide). At first, this is not a question. Secondly we acknowledge that and are well aware that JavaScript cannot provide the same level of security as other methods do, because you still need to trust the server administrator not to deliver manipulated scripts. That is why we explicitly mention this conceptual issue [in our Readme](https://github.com/PrivateBin/PrivateBin#what-it-doesnt-provide).
However people have different security requirements and sometimes a fast way to send someone an encrypted message is needed. If you want to be secure against any attacks, we strongly recommend you to **host your own PrivateBin instance** and use transport encryption (HTTPS and more) to prevent any modification of the data send and received by PrivateBin.
However people have different security requirements and sometimes a fast way to send someone an encrypted message is needed. If you want to be secure against any attacks, we strongly recommend you to **host your own PrivateBin instance** and use transport encryption (HTTPS and more) to prevent any modification of the data sent and received by PrivateBin.
## Technical ## Technical
### How to fix "There is no suitable CSPRNG installed on your system"? ### How to fix "There is no suitable CSPRNG installed on your system"?
This error means you do not have a secure cryptographic random number generator installed on your system. This is however required by PrivateBin for security reasons. This error means you do not have a cryptographically secure random number generator available on your system. This is a [requirement](https://github.com/PrivateBin/PrivateBin/wiki/Installation#requirements) of PrivateBin for security reasons.
Have a look at the [requirements list](https://github.com/PrivateBin/PrivateBin/wiki/Installation#requirements) to see what you are missing.
If you think you have at least one secure PRNG installed you can use the following test script to check which secure PRNG you actually support: If you think you have at least one secure CSPRNG installed, you can use the following test script to check which secure PRNG you actually support:
```php ```php
<?php
echo '<pre>PHP version used: ', PHP_VERSION, PHP_EOL, echo '<pre>PHP version used: ', PHP_VERSION, PHP_EOL,
'extension libsodium is loaded: ', 'extension libsodium is loaded: ',
(extension_loaded('libsodium') ? 'true' : 'false'), PHP_EOL, (extension_loaded('libsodium') ? 'true' : 'false'), PHP_EOL,
@ -93,3 +94,4 @@ echo '<pre>PHP version used: ', PHP_VERSION, PHP_EOL,
'extension com_dotnet is loaded: ', 'extension com_dotnet is loaded: ',
(extension_loaded('com_dotnet') ? 'true' : 'false'), '</pre>'; (extension_loaded('com_dotnet') ? 'true' : 'false'), '</pre>';
``` ```
If all these checks fail, you need to either: upgrade to PHP 7, install libsodium, add `/dev/urandom` to your `open_basedir` setting, install mcrypt or install com_dotnet.